Open Access. Powered by Scholars. Published by Universities.®
- Institution
-
- Old Dominion University (13)
- Air Force Institute of Technology (8)
- Embry-Riddle Aeronautical University (6)
- Wayne State University (6)
- Nova Southeastern University (5)
-
- SelectedWorks (4)
- University of New Haven (4)
- City University of New York (CUNY) (3)
- Sacred Heart University (3)
- Brigham Young University (2)
- Kennesaw State University (2)
- Selected Works (2)
- The University of Akron (2)
- University of Arkansas, Fayetteville (2)
- University of Kentucky (2)
- Wright State University (2)
- Boise State University (1)
- Clemson University (1)
- Edith Cowan University (1)
- La Salle University (1)
- Liberty University (1)
- Louisiana Tech University (1)
- Purdue University (1)
- Southern Methodist University (1)
- The University of Southern Mississippi (1)
- TÜBİTAK (1)
- University of Central Florida (1)
- University of Louisville (1)
- University of Massachusetts Amherst (1)
- University of Nebraska - Lincoln (1)
- Publication Year
- Publication
-
- Theses and Dissertations (10)
- Chemical Engineering and Materials Science Faculty Research Publications (6)
- CCE Theses and Dissertations (5)
- Jeremy Straub (5)
- Electrical & Computer Engineering and Computer Science Faculty Publications (3)
-
- Engineering Management & Systems Engineering Theses & Dissertations (3)
- Publications (3)
- Browse all Theses and Dissertations (2)
- Doctoral Dissertations (2)
- Doctoral Dissertations and Master's Theses (2)
- Electrical & Computer Engineering Faculty Publications (2)
- Electrical & Computer Engineering Theses & Dissertations (2)
- Engineering Technology Faculty Publications (2)
- Graduate Theses and Dissertations (2)
- Journal of Cybersecurity Education, Research and Practice (2)
- Publications and Research (2)
- School of Computer Science & Engineering Faculty Publications (2)
- Williams Honors College, Honors Research Projects (2)
- All Theses (1)
- Boise State University Theses and Dissertations (1)
- Capstones (1)
- Computational Modeling & Simulation Engineering Theses & Dissertations (1)
- Computer Science Faculty Publications and Presentations (1)
- Copyright, Fair Use, Scholarly Communication, etc. (1)
- Department of Electrical and Computer Engineering Faculty Publications (1)
- Dissertations (1)
- Electronic Theses and Dissertations (1)
- HON499 projects (1)
- Honors Theses (1)
- Honors Undergraduate Theses (1)
- Publication Type
Articles 1 - 30 of 85
Full-Text Articles in Engineering
Longitudinal Attacks Against Iterative Data Collection With Local Differential Privacy, Mehmet Emre Gürsoy
Longitudinal Attacks Against Iterative Data Collection With Local Differential Privacy, Mehmet Emre Gürsoy
Turkish Journal of Electrical Engineering and Computer Sciences
Local differential privacy (LDP) has recently emerged as an accepted standard for privacy-preserving collection of users’ data from smartphones and IoT devices. In many practical scenarios, users’ data needs to be collected repeatedly across multiple iterations. In such cases, although each collection satisfies LDP individually by itself, a longitudinal collection of multiple responses from the same user degrades that user’s privacy. To demonstrate this claim, in this paper, we propose longitudinal attacks against iterative data collection with LDP. We formulate a general Bayesian adversary model, and then individually show the application of this adversary model on six popular LDP protocols: …
Integrating Nist And Iso Cybersecurity Audit And Risk Assessment Frameworks Into Cameroonian Law, Bernard Ngalim
Integrating Nist And Iso Cybersecurity Audit And Risk Assessment Frameworks Into Cameroonian Law, Bernard Ngalim
Journal of Cybersecurity Education, Research and Practice
This paper reviews cybersecurity laws and regulations in Cameroon, focusing on cybersecurity and information security audits and risk assessments. The importance of cybersecurity risk assessment and the implementation of security controls to cure deficiencies noted during risk assessments or audits is a critical step in developing cybersecurity resilience. Cameroon's cybersecurity legal framework provides for audits but does not explicitly enumerate controls. Consequently, integrating relevant controls from the NIST frameworks and ISO Standards can improve the cybersecurity posture in Cameroon while waiting for a comprehensive revision of the legal framework. NIST and ISO are internationally recognized as best practices in information …
What Senior U.S. Leaders Say We Should Know About Cyber, Dr. Joseph H. Schafer
What Senior U.S. Leaders Say We Should Know About Cyber, Dr. Joseph H. Schafer
Military Cyber Affairs
On April 6, 2023, the Atlantic Council’s Cyber Statecraft Initiative hosted a panel discussion on the new National Cybersecurity Strategy. The panel featured four senior officials from the Office of the National Cyber Director (ONCD), the Department of State (DoS), the Department of Justice (DoJ), and the Department of Homeland Security (DHS). The author attended and asked each official to identify the most important elements that policymakers and strategists must understand about cyber. This article highlights historical and recent struggles to express cyber policy, the responses from these officials, and the author’s ongoing research to improve national security cyber policy.
Self-Learning Algorithms For Intrusion Detection And Prevention Systems (Idps), Juan E. Nunez, Roger W. Tchegui Donfack, Rohit Rohit, Hayley Horn
Self-Learning Algorithms For Intrusion Detection And Prevention Systems (Idps), Juan E. Nunez, Roger W. Tchegui Donfack, Rohit Rohit, Hayley Horn
SMU Data Science Review
Today, there is an increased risk to data privacy and information security due to cyberattacks that compromise data reliability and accessibility. New machine learning models are needed to detect and prevent these cyberattacks. One application of these models is cybersecurity threat detection and prevention systems that can create a baseline of a network's traffic patterns to detect anomalies without needing pre-labeled data; thus, enabling the identification of abnormal network events as threats. This research explored algorithms that can help automate anomaly detection on an enterprise network using Canadian Institute for Cybersecurity data. This study demonstrates that Neural Networks with Bayesian …
An Empirical Study Of Pre-Trained Model Reuse In The Hugging Face Deep Learning Model Registry, Wenxin Jiang, Nicholas Synovic, Matt Hyatt, Taylor R. Schorlemmer, Rohan Sethi, Yung-Hsiang Lu, George K. Thiruvathukal, James C. Davis
An Empirical Study Of Pre-Trained Model Reuse In The Hugging Face Deep Learning Model Registry, Wenxin Jiang, Nicholas Synovic, Matt Hyatt, Taylor R. Schorlemmer, Rohan Sethi, Yung-Hsiang Lu, George K. Thiruvathukal, James C. Davis
Department of Electrical and Computer Engineering Faculty Publications
Deep Neural Networks (DNNs) are being adopted as components in software systems. Creating and specializing DNNs from scratch has grown increasingly difficult as state-of-the-art architectures grow more complex. Following the path of traditional software engineering, machine learning engineers have begun to reuse large-scale pre-trained models (PTMs) and fine-tune these models for downstream tasks. Prior works have studied reuse practices for traditional software packages to guide software engineers towards better package maintenance and dependency management. We lack a similar foundation of knowledge to guide behaviors in pre-trained model ecosystems.
In this work, we present the first empirical investigation of PTM reuse. …
Cybersecurity And Digital Privacy Aspects Of V2x In The Ev Charging Structure, Umit Cali, Murat Kuzlu, Onur Elma, Osman Gazi Gucluturk, Ahmet Kilic, Ferhat Ozgur Catak
Cybersecurity And Digital Privacy Aspects Of V2x In The Ev Charging Structure, Umit Cali, Murat Kuzlu, Onur Elma, Osman Gazi Gucluturk, Ahmet Kilic, Ferhat Ozgur Catak
Engineering Technology Faculty Publications
With the advancement of green energy technology and rising public and political acceptance, electric vehicles (EVs) have grown in popularity. Electric motors, batteries, and charging systems are considered major components of EVs. The electric power infrastructure has been designed to accommodate the needs of EVs, with an emphasis on bidirectional power flow to facilitate power exchange. Furthermore, the communication infrastructure has been enhanced to enable cars to communicate and exchange information with one another, also known as Vehicle-to-Everything (V2X) technology. V2X is positioned to become a bigger and smarter system in the future of transportation, thanks to upcoming digital technologies …
Defense Of A Small Network, Isabella Adkins
Defense Of A Small Network, Isabella Adkins
Williams Honors College, Honors Research Projects
A sample network will be virtually created consisting of three routers, one switch, and three hosts. The network will be secured using various methods such as enabling passwords and encryption. After the network has been properly secured, various attacks will be attempted with the goal of breaking into the network. These attacks include reconnaissance (gathering information), penetrating the network using the tool Metasploit, and attempting to get a credential phishing email to end users. If successful in the attacks, the network will be revisited and analyzed for any weaknesses or oversights.
Small Business Office Network, Michael Gerome
Small Business Office Network, Michael Gerome
Williams Honors College, Honors Research Projects
This project will emulate a small office network environment. The project will demonstrate the process of building and configuring the network to meet the requirements laid out in the project plan. This network includes four subnets with Windows 10 end devices and a Kali Linux device, it also includes five Cisco layer 2 switches and three Cisco routers. There are also three subnets connecting the routers to each other to enable routing between the subnets. After the network environment is set up, various penetration tests are performed from the Kali Linux device to gather information. The Nmap reconnaissance tool is …
Ict Security Tools And Techniques Among Higher Education Institutions: A Critical Review, Miko Nuñez, Xavier-Lewis Palmer, Lucas Potter, Chris Jordan Aliac, Lemuel Clark Velasco
Ict Security Tools And Techniques Among Higher Education Institutions: A Critical Review, Miko Nuñez, Xavier-Lewis Palmer, Lucas Potter, Chris Jordan Aliac, Lemuel Clark Velasco
Electrical & Computer Engineering Faculty Publications
Higher education institutions (HEIs) are increasingly relying on digital technologies for classroom and organizational management, but this puts them at higher risk for information and communication (ICT security attacks. Recent studies show that HEIs have experienced more security breaches in ICT security composed of both cybersecurity an information security. A literature review was conducted to identify common ICT security practices in HEIs over the last decade. 11 journal articles were profiled and analyzed, revealing threats to HEIs’ security and protective measures in terms of organizational security, technological security, physical security, and standards and frameworks. Security tools and techniques were grouped …
Cyber Resilience Analytics For Cyber-Physical Systems, Md Ariful Haque
Cyber Resilience Analytics For Cyber-Physical Systems, Md Ariful Haque
Electrical & Computer Engineering Theses & Dissertations
Cyber-physical systems (CPSs) are complex systems that evolve from the integrations of components dealing with physical processes and real-time computations, along with networking. CPSs often incorporate approaches merging from different scientific fields such as embedded systems, control systems, operational technology, information technology systems (ITS), and cybernetics. Today critical infrastructures (CIs) (e.g., energy systems, electric grids, etc.) and other CPSs (e.g., manufacturing industries, autonomous transportation systems, etc.) are experiencing challenges in dealing with cyberattacks. Major cybersecurity concerns are rising around CPSs because of their ever-growing use of information technology based automation. Often the security concerns are limited to probability-based possible attack …
Software Protection And Secure Authentication For Autonomous Vehicular Cloud Computing, Muhammad Hataba
Software Protection And Secure Authentication For Autonomous Vehicular Cloud Computing, Muhammad Hataba
Dissertations
Artificial Intelligence (AI) is changing every technology we deal with. Autonomy has been a sought-after goal in vehicles, and now more than ever we are very close to that goal. Vehicles before were dumb mechanical devices, now they are becoming smart, computerized, and connected coined as Autonomous Vehicles (AVs). Moreover, researchers found a way to make more use of these enormous capabilities and introduced Autonomous Vehicles Cloud Computing (AVCC). In these platforms, vehicles can lend their unused resources and sensory data to join AVCC.
In this dissertation, we investigate security and privacy issues in AVCC. As background, we built our …
Supporting The Discovery, Reuse, And Validation Of Cybersecurity Requirements At The Early Stages Of The Software Development Lifecycle, Jessica Antonia Steinmann
Supporting The Discovery, Reuse, And Validation Of Cybersecurity Requirements At The Early Stages Of The Software Development Lifecycle, Jessica Antonia Steinmann
Doctoral Dissertations and Master's Theses
The focus of this research is to develop an approach that enhances the elicitation and specification of reusable cybersecurity requirements. Cybersecurity has become a global concern as cyber-attacks are projected to cost damages totaling more than $10.5 trillion dollars by 2025. Cybersecurity requirements are more challenging to elicit than other requirements because they are nonfunctional requirements that requires cybersecurity expertise and knowledge of the proposed system. The goal of this research is to generate cybersecurity requirements based on knowledge acquired from requirements elicitation and analysis activities, to provide cybersecurity specifications without requiring the specialized knowledge of a cybersecurity expert, and …
Development Of A Security-Focused Multi-Channel Communication Protocol And Associated Quality Of Secure Service (Qoss) Metrics, Paul M. Simon
Development Of A Security-Focused Multi-Channel Communication Protocol And Associated Quality Of Secure Service (Qoss) Metrics, Paul M. Simon
Theses and Dissertations
The threat of eavesdropping, and the challenge of recognizing and correcting for corrupted or suppressed information in communication systems is a consistent challenge. Effectively managing protection mechanisms requires an ability to accurately gauge the likelihood or severity of a threat, and adapt the security features available in a system to mitigate the threat. This research focuses on the design and development of a security-focused communication protocol at the session-layer based on a re-prioritized communication architecture model and associated metrics. From a probabilistic model that considers data leakage and data corruption as surrogates for breaches of confidentiality and integrity, a set …
Cyber Deception For Critical Infrastructure Resiliency, Md Ali Reza Al Amin
Cyber Deception For Critical Infrastructure Resiliency, Md Ali Reza Al Amin
Computational Modeling & Simulation Engineering Theses & Dissertations
The high connectivity of modern cyber networks and devices has brought many improvements to the functionality and efficiency of networked systems. Unfortunately, these benefits have come with many new entry points for attackers, making systems much more vulnerable to intrusions. Thus, it is critically important to protect cyber infrastructure against cyber attacks. The static nature of cyber infrastructure leads to adversaries performing reconnaissance activities and identifying potential threats. Threats related to software vulnerabilities can be mitigated upon discovering a vulnerability and-, developing and releasing a patch to remove the vulnerability. Unfortunately, the period between discovering a vulnerability and applying a …
Predictors Of Email Response: Determinants Of The Intention Of Not Following Security Recommendations, Miguel Angel Toro-Jarrin
Predictors Of Email Response: Determinants Of The Intention Of Not Following Security Recommendations, Miguel Angel Toro-Jarrin
Engineering Management & Systems Engineering Theses & Dissertations
Organizations and government leaders are concerned about cyber incidents. For some time, researchers have studied what motivates people to act in ways that put the confidentiality, integrity, and availability of information in organizations at risk. Still, several areas remained unexplored, including the role of employees’ evaluation of the organizational systems and the role of value orientation at work as precursors of secure and insecure actions in relation to information technologies (information security [IS] action). The objective of this research project was to examine how the evaluations of formal and informal security norms are associated with the intention to follow them …
Actuator Cyberattack Handling Using Lyapunov-Based Economic Model Predictive Control, Keshav Kasturi Rangan, Henrique Oyama, Helen Durand
Actuator Cyberattack Handling Using Lyapunov-Based Economic Model Predictive Control, Keshav Kasturi Rangan, Henrique Oyama, Helen Durand
Chemical Engineering and Materials Science Faculty Research Publications
Cybersecurity has gained increasing interest as a consequence of the potential impacts of cyberattacks on profits and safety. While attacks can affect various components of a plant, prior work from our group has focused on the impact of cyberattacks on control components such as process sensors and actuators and the development of detection strategies for cybersecurity derived from control theory. In this work, we provide greater focus on actuator attacks; specifically, we extend a detection and control strategy previously applied for sensor attacks and based on an optimization-based control technique called Lyapunov-based economic model predictive control (LEMPC) to detect attacks …
Quantum Computing And Resilient Design Perspectives For Cybersecurity Of Feedback Systems, Keshav Kasturi Rangan, Jihan Abou Halloun, Henrique Oyama, Samantha Cherney, Ilham Azali Assoumani, Nazir Jairazbhoy, Helen Durand, Simon Ka Ng
Quantum Computing And Resilient Design Perspectives For Cybersecurity Of Feedback Systems, Keshav Kasturi Rangan, Jihan Abou Halloun, Henrique Oyama, Samantha Cherney, Ilham Azali Assoumani, Nazir Jairazbhoy, Helen Durand, Simon Ka Ng
Chemical Engineering and Materials Science Faculty Research Publications
Cybersecurity of control systems is an important issue in next-generation manufac- turing that can impact both operational objectives (safety and performance) as well as process designs (via hazard analysis). Cyberattacks differ from faults in that they can be coordinated efforts to exploit system vulnerabilities to create otherwise unlikely hazard scenarios. Because coordination and targeted process manipulation can be characteristics of attacks, some of the tactics previously analyzed in our group from a control system cybersecurity perspective have incorporated randomness to attempt to thwart attacks. The underlying assumption for the generation of this randomness has been that it can be achieved …
Investigation Of Python Variable Privacy, Joshua Bartholomew
Investigation Of Python Variable Privacy, Joshua Bartholomew
Honors Theses
This study looks at the relative security of Python regarding private variables and functions used in most other programming languages. Python has only grown in popularity due to its simple syntax and developing capabilities. However, little research has been published about how secure Python code and programs compiled from Python code actually are. This research seeks to expose vulnerabilities in Python code and determine what must be done for these vulnerabilities to be exploited by hackers to abuse potentially sensitive information contained within the program.
The proposed methodology includes examining the private variable concept in other programming languages and conducting …
Deapsecure Computational Training For Cybersecurity: Third-Year Improvements And Impacts, Bahador Dodge, Jacob Strother, Rosby Asiamah, Karina Arcaute, Wirawan Purwanto, Masha Sosonkina, Hongyi Wu
Deapsecure Computational Training For Cybersecurity: Third-Year Improvements And Impacts, Bahador Dodge, Jacob Strother, Rosby Asiamah, Karina Arcaute, Wirawan Purwanto, Masha Sosonkina, Hongyi Wu
Modeling, Simulation and Visualization Student Capstone Conference
The Data-Enabled Advanced Training Program for Cybersecurity Research and Education (DeapSECURE) was introduced in 2018 as a non-degree training consisting of six modules covering a broad range of cyberinfrastructure techniques, including high performance computing, big data, machine learning and advanced cryptography, aimed at reducing the gap between current cybersecurity curricula and requirements needed for advanced research and industrial projects. By its third year, DeapSECURE, like many other educational endeavors, experienced abrupt changes brought by the COVID-19 pandemic. The training had to be retooled to adapt to fully online delivery. Hands-on activities were reformatted to accommodate self-paced learning. In this paper, …
Assessing Security Risks With The Internet Of Things, Faith Mosemann
Assessing Security Risks With The Internet Of Things, Faith Mosemann
Senior Honors Theses
For my honors thesis I have decided to study the security risks associated with the Internet of Things (IoT) and possible ways to secure them. I will focus on how corporate, and individuals use IoT devices and the security risks that come with their implementation. In my research, I found out that IoT gadgets tend to go unnoticed as a checkpoint for vulnerability. For example, often personal IoT devices tend to have the default username and password issued from the factory that a hacker could easily find through Google. IoT devices need security just as much as computers or servers …
Securing Infiniband Networks With End-Point Encryption, Noah B. Diamond
Securing Infiniband Networks With End-Point Encryption, Noah B. Diamond
Theses and Dissertations
The NVIDIA-Mellanox Bluefield-2 is a 100 Gbps high-performance network interface which offers hardware offload and acceleration features that can operate directly on network traffic without routine involvement from the ARM CPU. This allows the ARM multi-core CPU to orchestrate the hardware to perform operations on both Ethernet and RDMA traffic at high rates rather than processing all the traffic directly. A testbed called TNAP was created for performance testing and a MiTM verification process called MiTMVMP is used to ensure proper network configuration. The hardware accelerators of the Bluefield-2 support a throughput of nearly 86 Gbps when using IPsec to …
Removing The Veil: Shining Light On The Lack Of Inclusivity In Cybersecurity Education For Students With Disabilities, Felicia Hellems, Sajal Bhatia
Removing The Veil: Shining Light On The Lack Of Inclusivity In Cybersecurity Education For Students With Disabilities, Felicia Hellems, Sajal Bhatia
School of Computer Science & Engineering Faculty Publications
There are currently over one billion people living with some form of disability worldwide. The continuous increase in new technologies in today's society comes with an increased risk in security. A fundamental knowledge of cybersecurity should be a basic right available to all users of technology. A review of literature in the fields of cybersecurity, STEM, and computer science (CS) has revealed existent gaps regarding educational methods for teaching cybersecurity to students with disabilities (SWD's). To date, SWD's are largely left without equitable access to cybersecurity education. Our goal is to identify current educational methods being used to teach SWD's …
C2 Microservices Api: Ch4rl3sch4l3m4gn3, Thai H. Nguyễn
C2 Microservices Api: Ch4rl3sch4l3m4gn3, Thai H. Nguyễn
School of Computer Science & Engineering Undergraduate Publications
In the 21st century, cyber-based attackers such as advance persistent threats are leveraging bots in the form of botnets to conduct a plethora of cyber-attacks. While there are several social engineering techniques used to get targets to unknowingly download these bots, it is the command-and-control techniques advance persistent threats use to control their bots that is of critical interest to the author. In this research paper, the author aims to develop a command-and-control microservice application programming interface infrastructure to facilitate botnet command-and-control attack simulations. To achieve this the author will develop a simple bot skeletal framework, utilize the latest …
Few-Shot Malware Detection Using A Novel Adversarial Reprogramming Model, Ekula Praveen Kumar
Few-Shot Malware Detection Using A Novel Adversarial Reprogramming Model, Ekula Praveen Kumar
Browse all Theses and Dissertations
The increasing sophistication of malware has made detecting and defending against new strains a major challenge for cybersecurity. One promising approach to this problem is using machine learning techniques that extract representative features and train classification models to detect malware in an early stage. However, training such machine learning-based malware detection models represents a significant challenge that requires a large number of high-quality labeled data samples while it is very costly to obtain them in real-world scenarios. In other words, training machine learning models for malware detection requires the capability to learn from only a few labeled examples. To address …
Examining Cooperative System Responses Against Grid Integrity Attacks, Alexander D. Parady
Examining Cooperative System Responses Against Grid Integrity Attacks, Alexander D. Parady
Honors Undergraduate Theses
Smart grid technologies are integral to society’s transition to sustainable energy sources, but they do not come without a cost. As the energy sector shifts away from a century’s reliance on fossil fuels and centralized generation, technology that actively monitors and controls every aspect of the power infrastructure has been widely adopted, resulting in a plethora of new vulnerabilities that have already wreaked havoc on critical infrastructure. Integrity attacks that feedback false data through industrial control systems, which result in possible catastrophic overcorrections and ensuing failures, have plagued grid infrastructure over the past several years. This threat is now at …
Analysis Of Deep Learning Methods For Wired Ethernet Physical Layer Security Of Operational Technology, Lucas Torlay
Analysis Of Deep Learning Methods For Wired Ethernet Physical Layer Security Of Operational Technology, Lucas Torlay
All Theses
The cybersecurity of power systems is jeopardized by the threat of spoofing and man-in-the-middle style attacks due to a lack of physical layer device authentication techniques for operational technology (OT) communication networks. OT networks cannot support the active probing cybersecurity methods that are popular in information technology (IT) networks. Furthermore, both active and passive scanning techniques are susceptible to medium access control (MAC) address spoofing when operating at Layer 2 of the Open Systems Interconnection (OSI) model. This thesis aims to analyze the role of deep learning in passively authenticating Ethernet devices by their communication signals. This method operates at …
Another Brick In The Wall: An Exploratory Analysis Of Digital Forensics Programs In The United States, Syria Mccullough, Stella Abudu, Ebere Onwubuariri, Ibrahim Baggili
Another Brick In The Wall: An Exploratory Analysis Of Digital Forensics Programs In The United States, Syria Mccullough, Stella Abudu, Ebere Onwubuariri, Ibrahim Baggili
Electrical & Computer Engineering and Computer Science Faculty Publications
We present a comprehensive review of digital forensics programs offered by universities across the United States (U.S.). While numerous studies on digital forensics standards and curriculum exist, few, if any, have examined digital forensics courses offered across the nation. Since digital forensics courses vary from university to university, online course catalogs for academic institutions were evaluated to curate a dataset. Universities were selected based on online searches, similar to those that would be made by prospective students. Ninety-seven (n = 97) degree programs in the U.S. were evaluated. Overall, results showed that advanced technical courses are missing from curricula. We …
Industrial Control System Data Resiliency, Daniel A. Bovard
Industrial Control System Data Resiliency, Daniel A. Bovard
Boise State University Theses and Dissertations
This thesis identifies and fortifies against a critical vulnerability in industrial control system (ICS) security. A properly designed ICS security framework consists of a multi-layered approach starting with heavy fortifications in information technology and ending with control information of operational technology. Currently, ICS security frameworks lack visibility and place blind trust in devices at the lowest level of the control hierarchy. Attaining control data visibility at the lowest level of the control hierarchy is critical to increasing the resiliency of an ICS security posture. This thesis demonstrates how this data can be captured at the lowest level of the control …
Quantifying Cyber Risk By Integrating Attack Graph And Impact Graph, Omer F. Keskin
Quantifying Cyber Risk By Integrating Attack Graph And Impact Graph, Omer F. Keskin
Engineering Management & Systems Engineering Theses & Dissertations
Being a relatively new risk source, models to quantify cyber risks are not well developed; therefore, cyber risk management in most businesses depends on qualitative assessments. With the increase in the economic consequences of cyber incidents, the importance of quantifying cyber risks has increased. Cyber risk quantification is also needed to establish communication among decision-makers of different levels of an enterprise, from technical personnel to top management.
The goal of this research is to build a probabilistic cybersecurity risk analysis model that relates attack propagation with impact propagation through internal dependencies and allows temporal analysis.
The contributions of the developed …
Cross Domain Iw Threats To Sof Maritime Missions: Implications For U.S. Sof, Gary C. Kessler, Diane M. Zorri
Cross Domain Iw Threats To Sof Maritime Missions: Implications For U.S. Sof, Gary C. Kessler, Diane M. Zorri
Publications
As cyber vulnerabilities proliferate with the expansion of connected devices, wherein security is often forsaken for ease of use, Special Operations Forces (SOF) cannot escape the obvious, massive risk that they are assuming by incorporating emerging technologies into their toolkits. This is especially true in the maritime sector where SOF operates nearshore in littoral zones. As SOF—in support to the U.S. Navy— increasingly operate in these contested maritime environments, they will gradually encounter more hostile actors looking to exploit digital vulnerabilities. As such, this monograph comes at a perfect time as the world becomes more interconnected but also more vulnerable.